Date: Mon, 18 Oct 2010 11:56:44 -0700 From: Julian Elischer <julian@freebsd.org> To: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org>, virtualization@freebsd.org Subject: Re: [PATCH] pf(4) patch from OpenBSD 4.5 Message-ID: <4CBC986C.30205@freebsd.org> In-Reply-To: <AANLkTinXNRKSwjuOeQkDTANhSSbHYHZnf4SvaFHbEdrg@mail.gmail.com> References: <AANLkTinXNRKSwjuOeQkDTANhSSbHYHZnf4SvaFHbEdrg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/18/10 11:10 AM, Ermal Luçi wrote: > Hello, > > the link http://people.freebsd.org/~eri/pf45_1.diff has the patch for > pf(4) as of OpenBSD 4.5 version. > The patch is against HEAD. > After OpenBSD 4.5 the syntax has changed and this is the reason for > such an 'old' version patch. > > After importing this one the work will go on the newest version and > decisions on it will than be done. > > Be aware that this patch has even support for VIMAGE/VNET. > It will enable you to run pf(4) with[in] jails+vnets or just vnets > themselves with separate rulesets > and policies. > pfsync(4) can be loaded as a module also with this patch. hooray! what to do with pfsync is hte question.. we don't yet have devfs-per-jail but I think that's probably something we should work on pretty soon. I guess /dev/pfsync could only give you stuff from your own jail/vnet but I don't use it so I'm not sure how it works. > Feedback is very welcome. > > Regards,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CBC986C.30205>